#!/usr/bin/env bash

# ----------------------------------------------------------------------
# Filename	:  03-chcon-secadm.sh
# Version	:  1.0
# Date		:  2020/05/29
# Author	:  Lz
# Email		:  lz843723683@gmail.com
# History	:     
#                  Version 1.0, 2020/05/29
# Function	: 测试三权分立secadm - 修改文件安全上下文
# Out		:        
#              0 => TPASS
#              1 => TFAIL
#              other=> TCONF
# ----------------------------------------------------------------------

# 测试主题
Title_Env_LTFLIB="三权分立(secadm) - 修改文件安全上下文"

HeadFile_Source_LTFLIB="${LIB_SSHAUTO}"

## TODO : 个性化,初始化
#   Out : 0=>TPASS
#         1=>TFAIL
#         2=>TCONF
TestInit_LTFLIB(){
	# 创建临时文件
	tmpfile_chcon="${TmpTestDir_LTFLIB}/ltfchcon"
	if [ -f "$tmpfile_chcon" ];then
		rm -rf $tmpfile_chcon
	fi

	return ${TPASS}
}


## TODO : 清理函数
#   Out : 0=>TPASS
#         1=>TFAIL
#         2=>TCONF
TestClean_LTFLIB(){
	if [ -f "$tmpfile_chcon" ];then
		rm -rf $tmpfile_chcon
	fi

	return ${TPASS}
}


## TODO ：修改文件安全上下文
testcase_1(){
	# 布尔变量
	local tmpvar="httpd_enable_homedirs"
	local tmplog=""
	tmplog="$(SshAuto_CmdLocalSec_LTFLIB "sudo getsebool ${tmpvar}" "no" "no")"
	
	echo $tmplog | grep -q -e "--> off"
	if [ $? -eq 0 ];then
	# 当前开关关闭
		# 打开布尔值
		SshAuto_CmdLocalSec_LTFLIB "sudo setsebool -P ${tmpvar} 1" "no" "no"
		tmplog="$(SshAuto_CmdLocalSec_LTFLIB "sudo getsebool ${tmpvar}" "no" "no")"
		echo $tmplog | grep -q -e "--> on"
		if [ $? -eq 0 ];then
			OutputRet_LTFLIB "$TPASS"
			TestRetParse_LTFLIB "设置 ${tmpvar} 布尔变量为 on" "False"
		else
			OutputRet_LTFLIB "$TFAIL"
			TestRetParse_LTFLIB "设置 ${tmpvar} 布尔变量为 on" "False"
		fi
	fi	

	# 判断是否存在测试文件
	if [ ! -f "$tmpfile_chcon" ];then
		SshAuto_CmdLocalSec_LTFLIB "touch $tmpfile_chcon" "no" "no"
	fi

	# 当前文件上下文环境为user_tmp_t
	ls -Z $tmpfile_chcon
	ls -Z $tmpfile_chcon | grep -q "user_tmp_t"
	CommRetParse_LTFLIB "当前 $tmpfile_chcon 文件上下文为 user_tmp_t" "False"
	
	# 修改文件安全上下文
	SshAuto_CmdLocalSec_LTFLIB "sudo chcon -t httpd_sys_content_t $tmpfile_chcon" "no" "no"
	CommRetParse_LTFLIB "修改 ${tmpfile_chcon} 安全上下文为 httpd_sys_content_t" "False"
	
	# 查看修改文件上下文
	ls -Z $tmpfile_chcon
	ls -Z $tmpfile_chcon | grep -q "httpd_sys_content_t"
	CommRetParse_LTFLIB "当前 $tmpfile_chcon 文件上下文为 httpd_sys_content_t" "False"

	# 复原
	SshAuto_CmdLocalSec_LTFLIB "sudo setsebool -P ${tmpvar} 0" "yes" "no"
}

## TODO : 测试用例集
#   Out : 0=>TPASS
#         1=>TFAIL
#         2=>TCONF
Testsuite_LTFLIB(){
	testcase_1

	return $TPASS
}


#----------------------------------------------#

source "${LIB_LTFLIB}"
Main_LTFLIB $@
